'use strict';
let uniID = require('uni-id')
const uniCaptcha = require('uni-captcha')
const createConfig = require('uni-config-center')
const CryptoJS = require("crypto-js");

const uniIdConfig = createConfig({
	pluginId: 'uni-id'
}).config()
const db = uniCloud.database()
const dbCmd = db.command
const usersDB = db.collection('uni-id-users')
exports.main = async (event, context) => {
	//UNI_WYQ:这里的uniID换成新的，保证多人访问不会冲突
	uniID = uniID.createInstance({
		context
	})
	console.log('event : ' + JSON.stringify(event))
	/*
	1.event为客户端 uniCloud.callFunction填写的data的值，这里介绍一下其中的属性
	  action：表示要执行的任务名称、比如：登录login、退出登录 logout等
	  params：业务数据内容
	  uniIdToken：系统自动传递的token，数据来源客户端的 uni.getStorageSync('uni_id_token')
	*/
	const {
		action,
		uniIdToken,
		inviteCode
	} = event;
	const deviceInfo = event.deviceInfo || {};
	let params = event.params || {};
	/*
	2.在某些操作之前我们要对用户对身份进行校验（也就是要检查用户的token）再将得到的uid写入params.uid
	  校验用到的方法是uniID.checkToken 详情：https://uniapp.dcloud.io/uniCloud/uni-id?id=checktoken

	  讨论，我们假设一个这样的场景，代码如下。
	  如：
		uniCloud.callFunction({
			name:"xxx",
			data:{
				"params":{
					uid:"通过某种方式获取来的别人的uid"
				}
			}
		})
	  用户就这样轻易地伪造了他人的uid传递给服务端，有一句话叫：前端传来的数据都是不可信任的
	  所以这里我们需要将uniID.checkToken返回的uid写入到params.uid
	*/
	let noCheckAction = ['register', 'checkToken', 'login', 'logout', 'registerAdmin', 'activate', 'checkActivate' ]
	if (!noCheckAction.includes(action)) {
		if (!uniIdToken) {
			return {
				code: 403,
				msg: '缺少token'
			}
		}
		let payload = await uniID.checkToken(uniIdToken)
		if (payload.code && payload.code > 0) {
			return payload
		}
		params.uid = payload.uid
	}

	//禁止前台用户传递角色
	if (action.slice(0, 7) == "loginBy") {
		if (params.role) {
			return {
				code: 403,
				msg: '禁止前台用户传递角色'
			}
		}
	}

	// 3.注册成功后触发。
	async function registerSuccess(uid) {
		//用户接受邀请
		if (inviteCode) {
			await uniID.acceptInvite({
				inviteCode,
				uid
			});
		}
		//添加当前用户设备信息
		await db.collection('uni-id-device').add({
			...deviceInfo,
			user_id: uid
		})
	}
	//4.记录成功登录的日志方法
	const loginLog = async (res = {}) => {
		const now = Date.now()
		const uniIdLogCollection = db.collection('uni-id-log')
		let logData = {
			deviceId: params.deviceId || context.DEVICEID,
			ip: params.ip || context.CLIENTIP,
			type: res.type,
			ua: context.CLIENTUA,
			create_date: now
		};

		if (res.code === 0) {
			logData.user_id = res.uid
			logData.state = 1
			if (res.userInfo && res.userInfo.password) {
				delete res.userInfo.password
			}
			if (res.type == 'register') {
				await registerSuccess(res.uid)
			} else {
				if (Object.keys(deviceInfo).length) {
					// console.log(979797, {
					// 	deviceInfo,
					// 	user_id: res
					// });
					//更新当前用户设备信息
					await db.collection('uni-id-device').where({
						user_id: res.uid
					}).update(deviceInfo)
				}
			}
		} else {
			logData.state = 0
		}
		return await uniIdLogCollection.add(logData)
	}

  // 
  const KEY = CryptoJS.enc.Utf8.parse('print0manage0123')
  // 创建token
  async function createToken(_id){
    let decrypt = CryptoJS.AES.encrypt(CryptoJS.enc.Utf8.parse(`${_id}_${Date.now()}`), KEY, 
      {
        mode: CryptoJS.mode.ECB,
        padding: CryptoJS.pad.Pkcs7,
      },
    )
    let token = decrypt.toString()
    let res = await db.collection('print-users').doc(_id).updateAndReturn({token})
    if(res.updated&&!res.doc.status) await db.collection('print-users').doc(_id).update({status:1, active_date:Date.now()})
    return res.doc
  }
  // token校验
  async function checkToken(token){
    let decrypt = CryptoJS.AES.decrypt(token, KEY,
      {
        mode:CryptoJS.mode.ECB,
        padding:CryptoJS.pad.Pkcs7,
      },
    )
    let str = CryptoJS.enc.Utf8.stringify(decrypt).toString();
  
    let _id = str.split('_')[0]
    let res = await db.collection('print-users').where({_id,token}).get()
    return res.data
  }

	let res = {}
	switch (action) { //根据action的值执行对应的操作
		case 'refreshSessionKey':
			let getSessionKey = await uniID.code2SessionWeixin({
				code: params.code
			});
			if (getSessionKey.code) {
				return getSessionKey
			}
			res = await uniID.updateUser({
				uid: params.uid,
				sessionKey: getSessionKey.sessionKey
			})
			console.log(res);
			break;
		case 'register':
			var {
				username, password, nickname
			} = params
			if (/^1\d{10}$/.test(username)) {
				return {
					code: 401,
					msg: '用户名不能是手机号'
				}
			};
			if (/^(\w-*\.*)+@(\w-?)+(\.\w{2,})+$/.test(username)) {
				return {
					code: 401,
					msg: '用户名不能是邮箱'
				}
			}
			res = await uniID.register({
				username,
				password,
				nickname,
				inviteCode
			});
			if (res.code === 0) {
				await registerSuccess(res.uid)
			}
			break;
		case 'login':
			//防止黑客恶意破解登录，连续登录失败一定次数后，需要用户提供验证码
			const getNeedCaptcha = async () => {
				//当用户最近“2小时内(recordDate)”登录失败达到2次(recordSize)时。要求用户提交验证码
				const now = Date.now(),
					recordDate = 120 * 60 * 1000,
					recordSize = 2;
				const uniIdLogCollection = db.collection('uni-id-log')
				let recentRecord = await uniIdLogCollection.where({
						deviceId: params.deviceId || context.DEVICEID,
						create_date: dbCmd.gt(now - recordDate),
						type: 'login'
					})
					.orderBy('create_date', 'desc')
					.limit(recordSize)
					.get();
				return recentRecord.data.filter(item => item.state === 0).length === recordSize;
			}

			let passed = false;
			let needCaptcha = await getNeedCaptcha();
			console.log('needCaptcha', needCaptcha);
			if (needCaptcha) {
				res = await uniCaptcha.verify({
					...params,
					scene: 'login'
				})
				if (res.code === 0) passed = true;
			}

			if (!needCaptcha || passed) {
				res = await uniID.login({
					...params,
					queryField: ['username', 'email', 'mobile']
				});
				res.type = 'login'
				await loginLog(res);
				needCaptcha = await getNeedCaptcha();
			}

			res.needCaptcha = needCaptcha;
			break;
		case 'checkToken':
			res = await uniID.checkToken(uniIdToken);
			break;
		case 'logout':
			res = await uniID.logout(uniIdToken)
			break;
		case 'loginBySms':
			if (!params.code) {
				return {
					code: 500,
					msg: '请填写验证码'
				}
			}
			if (!/^1\d{10}$/.test(params.mobile)) {
				return {
					code: 500,
					msg: '手机号码填写错误'
				}
			}
			res = await uniID.loginBySms(params)
			await loginLog(res)
			break;
		case 'updatePwd':
			res = await uniID.updatePwd(params)
			break;
		case 'closeAccount':
			console.log(params.uid, '-----------------------');
			res = await uniID.closeAccount({
				uid: params.uid
			});
			break;

			// =========================== admin api start =========================
		case 'registerAdmin': {
			var {
				username,
				password
			} = params
			let {
				total
			} = await db.collection('uni-id-users').where({
				role: 'admin'
			}).count()
			if (total) {
				return {
					code: 10001,
					message: '超级管理员已存在，请登录...'
				}
			}
			const appid = params.appid
			const appName = params.appName
			delete params.appid
			delete params.appName
			res = await uniID.register({
				username,
				password,
				role: ["admin"]
			})
			if (res.code === 0) {
				const app = await db.collection('opendb-app-list').where({
					appid
				}).count()
				if (!app.total) {
					await db.collection('opendb-app-list').add({
						appid,
						name: appName,
						description: "admin 管理后台",
						create_date: Date.now()
					})
				}

			}
		}
		break;
    case 'registerUser':
      const {
        userInfo
      } = await uniID.getUserInfo({
        uid: params.uid
      })
      if (userInfo.role.indexOf('admin') === -1) {
        res = {
          code: 403,
          message: '非法访问, 无权限注册超级管理员',
        }
      } else {
        // 过滤 dcloud_appid，注册用户成功后再提交
        const dcloudAppidList = params.dcloud_appid
        delete params.dcloud_appid
        res = await uniID.register({
          autoSetDcloudAppid: false,
          ...params
        })
        if (res.code === 0) {
          delete res.token
          delete res.tokenExpired
          await uniID.setAuthorizedAppLogin({
            uid: res.uid,
            dcloudAppidList
          })
        }
      }
      break;
    case 'updateUser': {
      const {
        userInfo
      } = await uniID.getUserInfo({
        uid: params.uid
      })
      if (userInfo.role.indexOf('admin') === -1) {
        res = {
          code: 403,
          message: '非法访问, 无权限注册超级管理员',
        }
      } else {
        // 过滤 dcloud_appid，注册用户成功后再提交
        const dcloudAppidList = params.dcloud_appid
        delete params.dcloud_appid

        // 过滤 password，注册用户成功后再提交
        const password = params.password
        delete params.password

        // 过滤 uid、id
        const id = params.id
        delete params.id
        delete params.uid


        res = await uniID.updateUser({
          uid: id,
          ...params
        })
        if (res.code === 0) {
          if (password) {
            await uniID.resetPwd({
              uid: id,
              password
            })
          }
          await uniID.setAuthorizedAppLogin({
            uid: id,
            dcloudAppidList
          })
        }
      }
      break;
    }
    case 'getCurrentUserInfo':
      res = await uniID.getUserInfo({
        uid: params.uid,
        ...params
      })
      break;
    case 'managerMultiTag':
      let {
        ids, type, value
      } = params
      if (type === 'add') {
        res = await db.collection('uni-id-users').where({
          _id: dbCmd.in(ids)
        }).update({
          tags: dbCmd.addToSet({
            $each: value
          })
        })
      } else if (type === 'del') {
        res = await db.collection('uni-id-users').where({
          _id: dbCmd.in(ids)
        }).update({
          tags: dbCmd.pull(dbCmd.in(value))
        })
      } else {
        res = {
          code: 403,
          msg: '无效操作'
        }
        return
      }
      break;
      // =========================== admin api end =========================
      
    case 'activate':
      let { code } = params
      let aType = parseInt(params.type)
      if(!aType) aType = 0
      if(!code||code.length!=24) return {
        code: 201,
        msg: '激活码错误'
      }
      let users = await db.collection('print-users').where({_id:code}).get()
      
      if(!users.data.length) return {
        code: 201,
        msg: '激活码错误'
      }
      console.log(users)
      if(users.data[0].status==1) {
        // if(aType==1){
        //   if(!users.data[0].type||users.data[0].type!=aType) return {
        //     code: 201,
        //     msg: '激活设备型号错误'
        //   }
        // }else{
        //   if(users.data[0].type) return {
        //     code: 201,
        //     msg: '激活设备型号错误'
        //   }
        // }
        
        // res = {
        //   code:200,
        //   msg: '激活成功',
        //   data: users.data[0],
        // }
        return {
          code: 201,
          msg: '该激活码已被激活使用'
        }
      }else{
        if(aType!=users.data[0].type||(!users.data[0].type&&aType==1)){
          return {
            code: 201,
            msg: '激活打印机类型有误,请尝试切换'
          }
        }
        let r = await createToken(code)
        res = {
          code:200,
          msg: '激活成功',
          data:r,
        }
      }
      
      break;
    case 'checkActivate':
      let { token } = params;
      if(!token) return {
        code: 201,
        msg: '激活失效,请尝试重新激活设备'
      }
      let r1 = await checkToken(token)
      if(!r1.length) return {
        code: 201,
        msg: '激活失效,请尝试重新激活设备'
      }
      res = {
        code: 200,
        msg: '检测成功',
        data: r1[0]
      }
      break;

    default:
      res = {
        code: 403,
        msg: '非法访问'
      }
      break;
	}
	//返回数据给客户端
	return res
}
